NXP develops new tech to counter cyberattacks on software-defined vehicles

One major risk facing the software-defined vehicle is that, with greater computing power, come increased threats to its cybersecurity.

The latest computing revolution involves the rise of quantum computing, a system using quantum mechanics that can use the digits 1 and 0 simultaneously to allow faster computing times.

However, this faster performance exposes extra risks of cyberhacking, so NXP Semiconductors has developed what it calls Post Quantum Cryptography chips and controllers to plug any future gaps in the software-defined vehicle’s armor.

WardsAuto caught up with two of the Netherlands-based company’s experts in this field in an online interview to find out what lies behind this new technology.

NXP’s software architect and technical director, Marius Rotaru, and Joppe Bos, senior principal cryptographer, did their best to explain, in layperson’s terms, how this tech can keep future software-defined vehicles safe from attack.

The Post Quantum Cryptography technology on its face may seem difficult to understand for anyone who’s not a computer geek. However, it can been seen as a fairly simple way of siloing individual computer chips, said Bos. In the event of an identified attack, the technology has on-chip isolation and doesn’t let the attack spread to other chips and controllers in the vehicle’s system.

“So how you can think about it, they're all in silos or in little prisons or jails, or whatever you want to call it, but then if one gets malicious, it cannot influence other parts of your system,” Bos explained.

Vehicle mission-critical systems, such as safety functions, top the list of priorities for the NXP platform, said Rotaru.

“That's one of the key aspects,” he said. “Because we integrate in the ECU mixed criticality functions in a single ECU, meaning that there are functionalities which are related to safety.”

By including open-source functionality in each microcontroller, post quantum cryptography technology can fend off attacks commonly associated with Linux software, Rotaru said.

“This basically creates a kind of firewall, a hardware firewall,” he explained. “To ensure this separation throughout the entire lifecycle of the vehicle.”

He added that this ability also ensures confidentiality for suppliers who would be reluctant to share their intellectual property with other suppliers to the automaker.

Bos said over-the-air updates of the company’s new S32 family of microcontrollers and microprocessors will ensure the security of the computing platform for many years to come, despite the challenges of aging technology.

“So that is exactly why there is this whole movement towards crypto-agility,” he said. “The gist of it is that you just say ‘I want to verify something’ or ‘I want to encrypt something’ and then behind the scenes, things are being used which are modern and safe, and this is then being enabled by software updates which ensure that in this case, your car can actually, for instance, verify.”

So, when will we begin seeing software-defined vehicles on the road with this level of cybersecurity?

Rotaru said platforms are already in the design stage and could possibly be installed by major automaker brands within the next couple of years. “We have OEMs which already have started with the with the post-quantum implementation, which is a must-have in order to create these future improvements,” he added.

Software-defined vehicles are on the rise in the automotive industry, as consumers demand more digital services on the move. For automakers, creating a SDV requires increasing computing power both in the vehicle and speeding up links to the cloud. It also presents the potential of new revenue streams for OEMs, as digital services can be offered through a subscription business model.